Re: Rule for encoded/bugged URLs?
On Oct 31, 2008, at 11:59 AM, Kelson wrote:
> Kevin Windham wrote:[color=green]
>> The other sign is the encoded img tags. I can't recall seeing a
>> regular site use img tags that are encoded with no meaningful name.[/color]
> I take it you've never looked at the HTML code for, say, Flickr or
> Amazon? A *lot* of dynamic websites will use a catalog number (or
> equivalent) instead of a human-readable name for their image
No you're right. I should have said html emails and not site. I don't
think I've gotten any html emails from Amazon in a long time, and
never one from Flickr, but I looked at ebay and paypal emails I had
saved and those seem mostly normal. The names are shorter and more
meaningful, although I'm not sure you could get a rule to reliably
detect the difference. I would guess you could check for matches in
images and links that appear multiple times. It is simple for me to
see, but teaching the computer how to do it would be difficult.
However, the Message-ID appearing in any URLs or image names does seem
like an odd thing to do for a normal mail, and that might be useful
until the spammers change their tool(s).